Greetings good afternoon community team I have a question In the log viewer I see blocked attempts to access some websites with Category "Sexually Explicit" I want to search for older logs but the log viewer only gives me data up to 2 days ago, I…

Hi, I have Sophos XG Firewall 115/116, 125/126. I need get user usage log from before ; - Access logs - Website logs - Application logs My solution need check some user usage website / app / source or destination between internal to external…

Dears, good morning, We are setting up a SIEM in the cloud and I am using the SOPHOS API to share the tool's logs. I have already configured API profiles such as reading and forensics and have not been successful. I have already made all the necessary…

Hello, How can I monitor the places users access the internet, how long they spend in these places, and how much data they exchange on the Sophos XGS2300 device?

Hi all, there is a way to see list of my device, their traffic, their navigation, their hostname, etc? Non only dhcp clinet, even who has a static ip.

I desperately need to find a way to store logfiles from /log (/var/tslog) somewhere permanently. Although I'm already using SYSLOG as an external logging destination, I am missing lots of logging data that cannot be extracted from the GUI and isn't logged…

Hi everyone, one of our customers is experiencing a strange problem, the logs are saying that traffic is denied but well its working, so i guess its a problem with the loggin daemon? Here it says that the traffic is denied and the reasons are always…

Hi folks, what does the blue color mean in log viewer? Can't find it in the documentation. Regards Gero

Hello, How can I generate a custom report (like the one below) as a CSV (or any other structured data format) through the Firewall's API? (I would use the "Schedule" option to send this as an email attachment if it wasn't because only 50 max records…

XGS4500 (SFOS 19.5.3 MR-3-Build652) The quarantine report appears to only show what has been received since the last report was sent. The subject line: Quarantine Digest (1 emails quarantined from 10 May 22 00:15 to 09 Sep 23 09:00) and the header state…

Dear Support We need your assistance on how to get a log from Sophos XGS Firewall 2100/3300. We need to know how or who reboot the firewall last time. Our XGS current firmware are : SFOS 19.5.0 and SFOS 19.5.2 MR-2-Build624 Regards Yousuf…

Hi folks, I have a question about the User Data Transfer Report, specifically the meaning of the "Used Time" column. The documentation describes this as " Used Time: Time used for data transfer." When I have run this report and filtered it to one particular…

HI Folks! We were always able to see under Authentication - Users - View Usage the time ranges, when a user was connected with sslvpn or ipsec via sophos connect. Since we updated our cluster from 19.0.2 MR2 to 19.5.3 MR3 we can only see sslvpn usage…

Hello All, I have setup a weekly data quota for users (we have a WAN metered connection). Is there a report I can generate that shows what each user has consumed in the current weekly cycle? I know users can see this info on the User Portal, however…

The log viewer of Sophos Firewall always opens in a full screen window. I have a 49’’ super ultrawide monitor, so opening the window maximized doesn’t make any sense and I have to resize it every time. Please make it an option to remember the last position…

I would also like to see it shown in the GUI the current usage live so we can see that without having to go into the CLI I would like to see a report of each port's, utilization for all physical ports and vlans on those ports. for example, the max this…

Hello everyone. In the current activities--> live users panel, I don't see all the ones with the Heartbeat, I have configured a domain controller to authenticate people and people can login with their AD credentials correctly The question is that…

Hello, it looks like the XGS3100 is sending faulty snmpV3 traps. In order to check that I would like to enable the debugging log for the snmp deamon, There is a manual for the UTM but doesn't seem to be the same for the XG. https://support.sophos…

XG 19.5.2 is starting to flood the /var/eventlogs folder with *.db files like 89340.db Any idea what is causing this? XG430_WP02_SFOS 19.5.2 MR-2-Build624 HA-Primary# df -h Filesystem Size Used Available Use% Mounted on none 1.5G 3.4M 1.4G 0% /…

Hi all, So exported a custom report web surfing report and it contains a lot of information. Is there a way to see just the sites the person visited rather than all other erroneous traffic like certs, etc?

Im trying to figure out why traffic is being dropped between Lan and VPN. I have the firewall rule made to allow traffic. Traffic is passing fine except for traffic on 1 port. It is not showing in the Log but it i did drop-packet-capture this pops up…

Hello everyone, I've configured one of our Sophos devices with some rules and policies . The problem is with the amount of Logs it generates per second! There are too many Information level logs about WAF and other types of log components. So it…

Hi, I have rule 5. It's a DNAT from the WAN IP 188.175.113.182 in to the network to the VoIP server. If I look in the LOG, I see the following: The first line does correspond to rule 5, but what do the other lines mean? They are also marked…

Hi Sophos community, Is there a way to see device reports by device name? In other Firewalls I had this option but it doesn't seem to be an available feature thru Sophos.

Hi all, we want to upload the Sophos XG Logfiles to Microsoft 365 Defender (Cloud App Security). In general the Logfiles are received by Microsoft but in the wrong format. On the Sophos XG we selected "Standard Syslog protocol" and on Microsoft site…